Incidents

Fiesta parties on

Over the last couple of weeks, we’ve been seeing new modifications of the PDF exploits spread and managed by the El Fiesta toolkit. Among other things, this nasty package targets unpatched Adobe and browser vulnerabilities to download more malicious code onto the victim machine.

A ‘nice’ feature – for the bad guys, that is – is that Fiesta can be used not just to launch attacks, but to monitor them online. The screenshot below shows data on attacks which have been launched on machines around the world.

El Fiesta got a fair bit of publicity back in September this year. The fact that we’re seeing new variants shows there are still a good number of machines with unpatched software out there that malware writers want to get their hands on.

Fiesta parties on

Your email address will not be published.

 

Reports

Andariel deploys DTrack and Maui ransomware

Earlier, the CISA published an alert related to a Stairwell report, “Maui Ransomware.” Our data should openly help solidify the attribution of the Maui ransomware incident to the Korean-speaking APT Andariel, also known as Silent Chollima and Stonefly.

APT trends report Q2 2022

This is our latest summary of advanced persistent threat (APT) activity, focusing on events that we observed during Q2 2022.

Subscribe to our weekly e-mails

The hottest research right in your inbox